<?php
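/**
 * Creates a profile row from the "description" and "note" request parameters.
 *
 * Returns early when the description is missing, refuses a description that
 * is already present in the profile table, and on a successful INSERT calls
 * logRecord() with code "360" and serverRedir() with the URL returned by the
 * session user's getHistory(0, true).
 *
 * Security: every request value is passed through addslashes(sxGPC()) before
 * it is embedded in SQL text, including the duplicate check, which previously
 * used the raw value. sxGPC() is defined elsewhere; presumably it undoes
 * magic-quote escaping - confirm.
 * NOTE(review): addslashes() is not charset-aware. If the DAO offers bound
 * parameters or a driver-level escape function, prefer that.
 *
 * @return string HTML error text, or "" when no error was recorded.
 */
function profileIns(){
	global $objSDAO;
	$errMsg = "";
	// Missing or non-string input (e.g. description[]=x) is treated as empty.
	$description = (isset($_REQUEST["description"]) && is_string($_REQUEST["description"])) ? $_REQUEST["description"] : "";
	// "note" is optional; reading it unguarded raised an undefined-index notice.
	$note = (isset($_REQUEST["note"]) && is_string($_REQUEST["note"])) ? $_REQUEST["note"] : "";
	if($description === "")
		$errMsg .= _t("La description &egrave; obbligatoria")."<br>";
	if($errMsg != "")
		return $errMsg;
	$sqlDescription = addslashes(sxGPC($description));
	$sqlNote = addslashes(sxGPC($note));
	// Check that the profile does not already exist, using the same escaped
	// value that the INSERT below stores.
	$sSQL = "SELECT count(*) as num FROM profile WHERE description='".$sqlDescription."'";
	$num = 0;
	if($objSDAO->query($sSQL,"test",array("contOnErr"=>true))){
		if($row = $objSDAO->fetch("test")){
			$num = $row["num"];
		}
	}else{
		$errMsg .= $objSDAO->error;
	}
	if($num != 0)
		$errMsg .= _t("Il profilo esiste gi&agrave;")."<br>";
	if($errMsg == ""){
		$sSQL = "INSERT INTO " .
			"profile " .
			"(description, " .
			"note)" .
			"VALUES('".$sqlDescription."', " .
			"'".$sqlNote."'" .
			")";
		if($objSDAO->query($sSQL,"ins",array("contOnErr"=>true))){
			logRecord("360", _t("Inserito il profilo")." '".$sqlDescription."'");
			//serverRedir("profileList.php?xsn=".XSN);
			$url = $_SESSION[USEROBJ]->getHistory(0, true);
			serverRedir($url);
		}else{
			// NOTE(review): the returned text carries the full SQL statement and
			// the driver error. If callers print it to end users, that discloses
			// schema details and echoes request data into HTML unescaped.
			$errMsg .= $sSQL."<br> - ".$objSDAO->error."<br>";
		}
	}
	return $errMsg;
}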

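/**
 * Replaces the set of users attached to a profile.
 *
 * Deletes every user_profile row for the "id_profile" request parameter, then
 * inserts one row per request key of the form "user_<digits>". When no error
 * was recorded it calls logRecord() with code "361" and serverRedir() with
 * the URL returned by the session user's getHistory(0, true).
 *
 * Security: id_profile and the user id taken from the parameter NAME are both
 * concatenated into SQL unquoted, so each must consist of digits only. The
 * original accepted any text in either position.
 * NOTE(review): assumes both ids are non-negative integer keys - confirm
 * against the schema.
 * NOTE(review): the DELETE and the INSERTs are separate statements; a failed
 * INSERT leaves the profile with a partial user list. Wrap them in a
 * transaction if the DAO supports one.
 *
 * @return string HTML error text, or "" when no error was recorded.
 */
function profileUserIns(){
	global $objSDAO;
	$errMsg = "";
	$idProfile = isset($_REQUEST["id_profile"]) ? $_REQUEST["id_profile"] : "";
	if(!is_string($idProfile) || $idProfile === "")
		$errMsg .= _t("profilo non definito")."<br>";
	elseif(!ctype_digit($idProfile))
		$errMsg .= _t("Il codice profilo contiene caratteri non validi")."<br>";
	// Remove the existing associations, then insert the submitted ones.
	if($errMsg == ""){
		$sSQL = "DELETE FROM user_profile WHERE id_profile=".$idProfile;
		if(!$objSDAO->query($sSQL,"del",array("contOnErr"=>true))){
			$errMsg .= $sSQL." - ".$objSDAO->error;
		}
		if($errMsg == ""){
			$lista_user = "";
			$sep = "";
			foreach($_REQUEST as $key=>$value){
				$key = (string)$key;
				// Only keys that START with "user_" are user selections.
				if(strncmp($key, "user_", 5) !== 0)
					continue;
				$id_user = (string)substr($key, 5);
				// The parameter name is client-controlled: skip anything that is
				// not a plain integer instead of passing it to the database.
				if(!ctype_digit($id_user))
					continue;
				$sSQL = "INSERT INTO " .
					"user_profile " .
					"(id_profile, " .
					"id_user)" .
					"VALUES(".$idProfile."," .
					$id_user.")";
				if(!$objSDAO->query($sSQL,"ins",array("contOnErr"=>true))){
					// NOTE(review): SQL text and driver error are returned to the
					// caller; avoid showing them to end users.
					$errMsg .= $sSQL."<br> - ".$objSDAO->error."<br>";
				}
				$lista_user .= $sep.$id_user;
				$sep = ", ";
			}
			if($errMsg == ""){
				logRecord("361", _t("Inserito gli utenti")." '".$lista_user."' "._t("nel profilo")." '".$idProfile."'");
				//serverRedir("profileView.php?id=".$_REQUEST["id_profile"]."&xsn=".XSN);
				$url = $_SESSION[USEROBJ]->getHistory(0, true);
				serverRedir($url);
			}
		}
	}
	return $errMsg;
}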

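/**
 * Updates the description and note of an existing profile.
 *
 * Reads "id_profile", "description" and "note" from the request. On a
 * successful UPDATE it calls logRecord() with code "460" and serverRedir()
 * with the URL returned by the session user's getHistory(0, true).
 *
 * Security: id_profile is concatenated unquoted into the WHERE clause, so it
 * must consist of digits only. The original performed no check on it.
 * NOTE(review): assumes id_profile is a non-negative integer key - confirm
 * against the schema.
 * NOTE(review): unlike profileIns(), nothing here checks whether another
 * profile already uses the new description.
 *
 * @return string HTML error text, or "" when no error was recorded.
 */
function profileMod(){
	global $objSDAO;
	$errMsg = "";
	$idProfile = isset($_REQUEST["id_profile"]) ? $_REQUEST["id_profile"] : "";
	// Missing or non-string input is treated as empty.
	$description = (isset($_REQUEST["description"]) && is_string($_REQUEST["description"])) ? $_REQUEST["description"] : "";
	// "note" is optional; reading it unguarded raised an undefined-index notice.
	$note = (isset($_REQUEST["note"]) && is_string($_REQUEST["note"])) ? $_REQUEST["note"] : "";
	if(!is_string($idProfile) || $idProfile === "")
		$errMsg .= _t("profilo non definito")."<br>";
	elseif(!ctype_digit($idProfile))
		$errMsg .= _t("Il codice profilo contiene caratteri non validi")."<br>";
	if($description === "")
		$errMsg .= _t("La description &egrave; obbligatoria")."<br>";
	if($errMsg == ""){
		$sqlDescription = addslashes(sxGPC($description));
		$sSQL = "UPDATE profile SET " .
			" description='".$sqlDescription."', " .
			" note='".addslashes(sxGPC($note))."' " .
			" WHERE id_profile=".$idProfile;
		if($objSDAO->query($sSQL,"upd",array("contOnErr"=>true))){
			logRecord("460", _t("Modificato il profilo")." '[".$idProfile."] ".$sqlDescription."'");
			//serverRedir("profileList.php?xsn=".XSN);
			$url = $_SESSION[USEROBJ]->getHistory(0, true);
			serverRedir($url);
		}else{
			// NOTE(review): SQL text and driver error are returned to the caller;
			// avoid showing them to end users.
			$errMsg .= $sSQL."<br> - ".$objSDAO->error."<br>";
		}
	}
	return $errMsg;
}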

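/**
 * Deletes a profile that has no users attached.
 *
 * Reads "id_profile" from the request, counts the user_profile rows that
 * reference it and refuses the delete when the count is non-zero. On a
 * successful DELETE it calls logRecord() with code "560" and serverRedir()
 * with the URL returned by the session user's getHistory(-1, true).
 *
 * Security: id_profile is concatenated unquoted into both statements. The
 * check is digits-only instead of is_numeric(), which also accepts signs,
 * decimals, exponents and leading whitespace and would let those forms reach
 * the SQL text verbatim.
 * NOTE(review): assumes id_profile is a non-negative integer key - confirm
 * against the schema.
 *
 * @return string HTML error text, or "" when no error was recorded.
 */
function profileDel(){
	global $objSDAO;
	$errMsg = "";
	// Read once with a fallback so a missing parameter raises no notice.
	$idProfile = isset($_REQUEST["id_profile"]) ? $_REQUEST["id_profile"] : "";
	if($idProfile === "")
		$errMsg .= _t("profilo non definito")."<br>";
	if(!is_string($idProfile) || !ctype_digit($idProfile))
		$errMsg .= _t("Il codice profilo contiene caratteri non validi")."<br>";
	if($errMsg == ""){
		// Make sure the profile is not assigned to any user.
		$sSQL = "SELECT count(*) as num FROM user_profile WHERE id_profile=".$idProfile;
		$num = 0;
		if($objSDAO->query($sSQL,"test",array("contOnErr"=>true))){
			if($row = $objSDAO->fetch("test")){
				$num = $row["num"];
			}
		}else{
			$errMsg .= $objSDAO->error;
		}
		if($num != 0)
			$errMsg .= _t("Il profilo &egrave; in uso: non &egrave; possibile eliminarlo");
		if($errMsg == ""){
			$sSQL = "DELETE FROM profile WHERE id_profile=".$idProfile;
			if($objSDAO->query($sSQL,"del",array("contOnErr"=>true))){
				// "description" is used only for the log text and may be absent
				// from a delete request.
				$description = (isset($_REQUEST["description"]) && is_string($_REQUEST["description"])) ? $_REQUEST["description"] : "";
				logRecord("560", _t("Eliminato il profilo")." '[".$idProfile."] ".addslashes(sxGPC($description))."'");
				//serverRedir("profileList.php?xsn=".XSN);
				$url = $_SESSION[USEROBJ]->getHistory(-1, true);
				serverRedir($url);
			}else{
				// NOTE(review): SQL text and driver error are returned to the
				// caller; avoid showing them to end users.
				$errMsg .= $sSQL."<br> - ".$objSDAO->error."<br>";
			}
		}
	}
	return $errMsg;
}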

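/**
 * Replaces the flag values stored for a profile.
 *
 * Loads $aProFlag from app/_inc/aProFlag.php and takes the first key of each
 * flag's 'val' list as that flag's default. Deletes every flag_profile row
 * for the "id_profile" request parameter, then inserts one row for each
 * request parameter named "value_<flag>" whose value differs from the
 * default. When no error was recorded it calls logRecord() with code "362"
 * and serverRedir() with the URL returned by the session user's
 * getHistory(0, true).
 *
 * Security: the flag name comes from the parameter NAME and the flag value
 * from the parameter value; both are client-controlled and were interpolated
 * into quoted SQL literals unescaped. Both now pass through
 * addslashes(sxGPC()), the escaping this file uses elsewhere. sxGPC() is
 * defined elsewhere; presumably it undoes magic-quote escaping - confirm.
 * NOTE(review): addslashes() is not charset-aware. If the DAO offers bound
 * parameters or a driver-level escape function, prefer that.
 * NOTE(review): any flag name is still accepted. If aProFlag.php is the
 * authoritative list, reject names that are not keys of $aProFlag.
 *
 * @return string HTML error text, or "" when no error was recorded.
 */
function profileFlagIns() {
	global $objSDAO, $objUser;
	$aFlagProfileDef = array();
	$aProFlag = array();
	require('../../../app/_inc/aProFlag.php');
	foreach($aProFlag as $flg =>$aFlg) {
		// The first key of the 'val' list is the flag's default.
		foreach($aFlg['val'] as $val => $dv) {
			$aFlagProfileDef[$flg] = $val;
			break;
		}
	}
	$errMsg = "";
	// Read once with a fallback so a missing parameter raises no notice.
	$idProfile = isset($_REQUEST["id_profile"]) ? $_REQUEST["id_profile"] : "";
	if($idProfile === "")
		$errMsg .= _t("profilo non definito")."<br>";
	// Digits only: is_numeric() also accepts signs, decimals and exponents.
	if(!is_string($idProfile) || !ctype_digit($idProfile))
		$errMsg .= _t("Il codice profilo contiene caratteri non validi")."<br>";
	// Remove the existing flags, then insert the submitted ones.
	if($errMsg == ""){
		$sSQL = "DELETE FROM flag_profile WHERE id_profile=".$idProfile;
		if(!$objSDAO->query($sSQL,"test",array("contOnErr"=>true))){
			$errMsg .= $sSQL." - ".$objSDAO->error;
		}
		if($errMsg == ""){
			$listaProfili = "";
			$sep = "";
			foreach($_REQUEST as $key=>$value) {
				$key = (string)$key;
				if(substr($key,0,6) != "value_")
					continue;
				// Array-valued parameters (value_x[]=...) cannot be a flag value.
				if(!is_scalar($value))
					continue;
				$flag = (string)substr($key,6);
				// A flag without a default compares against null, as it did
				// before, but without the undefined-index notice.
				$default = isset($aFlagProfileDef[$flag]) ? $aFlagProfileDef[$flag] : null;
				if ($value != $default){
					$sqlFlag = addslashes(sxGPC($flag));
					$sqlValue = addslashes(sxGPC($value));
					$sSQL = "INSERT INTO " .
						"flag_profile " .
						"(flag, " .
						"id_profile, " .
						"val_flag)" .
						"VALUES('".$sqlFlag."', " .
						$idProfile."," .
						"'".$sqlValue."')";
					// NOTE(review): this is the only query() call in the file
					// without the contOnErr option - confirm that is intended.
					if(!$objSDAO->query($sSQL,"ins")){
						// NOTE(review): SQL text and driver error are returned to
						// the caller; avoid showing them to end users.
						$errMsg .= $sSQL."<br> - ".$objSDAO->error."<br>";
					}
					// The log text uses the escaped forms, matching how the other
					// functions in this file pass request data to logRecord().
					$listaProfili .= $sep.$sqlFlag."=".$sqlValue;
					$sep = ", ";
				}
			}
			if($errMsg == ""){
				logRecord("362", _t("Inseriti i flag")." '$listaProfili' "._t("nel profilo")." '".$idProfile."'");
				//serverRedir($objUser->getHistory(0,true));
				$url = $_SESSION[USEROBJ]->getHistory(0, true);
				serverRedir($url);
			}
		}
	}
	return $errMsg;
}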
?>
